Security Operation Analyst (Threat and Vulnerability Management)

At Appfire, we believe that great work happens when people get to choose how they work. After 20 years of creating software that empowers teams to break silos and collaborate seamlessly, we've learned that one size does not fit all. That’s why at Appfire, you choose. 

Choose to work where you thrive: Whether from home, in one of our offices, or while exploring the world, you decide where you’re most productive. From hardware and software to access to two decades of collective wisdom on working effectively in a remote-first company, we’ve got you covered.

Choose to balance your life without compromise: Plan your workday around your needs and what matters most to you. Enjoy flexible time off without the hassle of complicated approvals. From day one, we trust you to deliver quality work without sacrificing your personal life, hobbies, loved ones, and well-being.

Choose to grow on your terms: Take charge of your professional growth with access to online learning platforms, facilitated training, leadership programs, and internal hackathons. Collaborate with a global team to gain fresh perspectives. When you're ready for a new challenge, our internal mobility program is here to support your journey.

No one knows you better than you do. So join us and customize your experience. Choose how you want to work. Choose Appfire.

 

About the role

Appfire is looking for a Security Operation Analyst In this role, you will be responsible for monitoring, assessing, and mitigating security risks within our organization, while supporting security incident and event management as a part of our SecOps team. You will be critical in identifying vulnerabilities, analyzing threats, and implementing robust security measures to safeguard our information systems.As we are a cloud-focused company, so you will be expected to have (preferred) or obtain the necessary skills to identify threats and vulnerabilities in the cloud with providers such as AWS,Azure, and GCP.You will be expected to engage in professional development to maintain continual growth in professional skills and knowledge essential to the position and, thrive in a highly collaborative workplace and actively engage in helping create secure software applications.

You will report to the Manager, SecOps and be a member of the Information Security Team. 

You can choose to work remotely from anywhere across India.   

Your everyday tasks will include:

• Threat Management:
  • Proactively identify, assess, and manage security threats to the organization’s information systems and networks.
  • Develop and implement threat management strategies, including threat hunting, analysis, and response.
  • Leverage threat intelligence sources to understand the evolving threat landscape and to support adjusting defenses accordingly.
  • Collaborate with cross-functional teams to evaluate and mitigate potential threats before they can impact the organization.
• Vulnerability Assessment:
  • Conduct regular vulnerability scans on the organization’s IT infrastructure to identify weaknesses.
  • Analyze scan results and security assessments to determine the risk level of identified vulnerabilities.
  • Work cross-functionally to prioritize vulnerabilities based on their potential impact and likelihood of exploitation.
• Incident Response:
  • Help develop and execute incident response plans.
  • Support the investigation of security events and incidents to determine their cause, impact, and necessary remediation steps.
  • Collaborate with IT and security teams to contain and mitigate threats.
• Risk Management:
  • Evaluate and recommend security controls and countermeasures to reduce risk.
  • Help develop security policies, procedures, and standards to ensure consistent protection across the organization.
  • Report on the organization’s security posture, providing insights and recommendations to senior management
• Security Awareness and Training:
  • Contribute to the development and delivery of security awareness and work with teams across the organization to ensure security policies and procedures are understood and followed.
• Compliance and Governance:
  • Ensure compliance with relevant security standards and regulations (e.g., ISO 27001, SOC2, GDPR, NIST).
  • Participate in security audits and assessments to verify compliance and identify areas for improvement

Skills and experience you'll need to succeed:

• Bachelor’s degree in Cybersecurity, Information Technology, or a related field is preferred.
• 3-5 years of experience in cybersecurity or a related field.
• Strong knowledge of cybersecurity principles, network security, and threat management tools
• Ability to analyze and interpret complex data to identify security threats and vulnerabilities
• Strong problem-solving skills to develop and implement effective security solutions
• Excellent written and verbal communication skills to explain technical concepts to non-technical stakeholders
• Familiarity and hands-on experience with cloud security tools and technologies in AWS, Azure or GCP.
• Relevant certifications such as CISSP, CySA+, CEH, CompTIA Security+, or cloud-specific certifications are preferred.
• Tool & Technologies:
  • SIEM (Security Information and Event Management): Sumologic or equivalent. preferred
  • Vulnerability Scanners: Wiz, Rapid7, Burpsuite, Snyk, preferred.
  • Endpoint Protection: SentinelOne preferred.
  • Network Monitoring: AWS, Azure, GCP cloud security preferred.

Beyond the resume skills that match our culture and this role:

• You are dedicated to elevating client and co-worker experiences, knowing that exceptional work centers on serving others.
• You adapt swiftly to new business demands, understanding that change fuels collective and individual growth.
• You excel in communication, effectively connecting in remote/hybrid environments using tools like Slack, Zoom, and G Suite and through occasional in-person events.
• You have exceptional coaching, mentoring, and people development skills.

We offer:

Financial benefits

• Every Appfire employee is eligible for company equity.

• Remote working allowance up to INR 12,000 per annum (paid monthly).

Skills development benefits

• Access to the Appfire University learning platform – a hub of knowledge, interactive resources, and engaging instructor-led courses designed to fuel your learning journey with unparalleled depth and accessibility.

PTO, health & well-being

• Unlimited paid sick leave in the event of an employee’s own illness or injury.

• 21 working days of paid annual leave.

• 10 days of paid public holidays per calendar year.

• Maternity and paternity leave offerings.

• Group medical insurance: coverage of INR 5,00,000 per annum for a family, including dependents' parents with no additional cost.

• Personal accident insurance: coverage up to INR 15,00,000 for the employee.

• Group term life insurance: coverage up to INR 15,00,000 for the employee.

• Employee deposit linked insurance scheme (EDLI): employees are covered up to an amount of INR 7,00,000 as per the EDLI rules

Volunteering

• 3 fully paid days each year to participate in Appfire Town, Appfire’s Corporate Social Responsibility (CSR) Program.

Other

• Crèche benefit.

#LI-Remote

About Appfire

A people-first approach to business

Since its inception, Appfire has been a remote-first company. With 800+ employees (who we call fireflies) across 27 countries, we foster an environment where everyone is respected. We invest in team members by ensuring they grow professionally and personally.

Watch Appfire's Co-founder and CEO Randall Ward talk about his people-first leadership philosophy: https://youtu.be/GXuChQzzowI

Making an impact

At Appfire, corporate social responsibility is driven by team members, family, friends, customers, and partners through Appfire Town. This program brings people together to generate a strong social impact in our local and global communities.

Our CEO believes being philanthropic is integral to operating our business and is not merely the result of our success. In 2015, Appfire joined the Pledge 1% network of organizations committed to philanthropy. Appfire has since grown our Pledge 1% program to include all four pledge types — product, profit, equity, and employee time. We were among the first to do this, and we’re proud that Pledge 1% is part of our evolution.

Our business

Appfire has been profitable since its inception, with best-in-class free cash flow margins relative to the broader SaaS universe. The company's mission to equip and connect every team so they can plan and deliver their best work has proven successful, producing consistent year-over-year (YoY) growth – with Appfire growing from $10M ARR in 2019 to $200M ARR in 2023. 

What’s our secret sauce?

1. We follow teams. We do our research and build software that solves real-life collaboration challenges while being easy to implement and a joy to use. We’re proud to support over 20,000 customers and growing, including 55% of the Fortune 500. From the entertainment delivered by Netflix to the devices crafted by Samsung, and Dell Technologies and the financial transactions handled by Visa, Edward Jones, and US Bank, Appfire’s technology is indispensable. Our products also play a pivotal role in streamlining operations and fostering innovation at companies like Tesla and significant institutions such as NASA, Boeing, and many more. 
2. We enhance. We don’t compete. Our software is designed to give developers, knowledge workers, and teams the ability to extend and get greater value from the platforms they’ve invested in and enjoy. So far, our solutions extend and enhance the capabilities offered by Atlassian, Microsoft, monday.com, and Salesforce. 
3. We build bridges and invest in our partners. Appfire's success is underscored by the fact that the company has no direct sales team and instead leverages its channel program as its primary path to market. Today, Appfire has a dedicated Channel team supporting 700+ channel partners.
4. We make security and privacy a priority, but we also keep it simple for our customers. We’ve achieved International Organization for Standardization (ISO) 27001 and ISO 27017 and System and Organization Controls (SOC) SOC 2, Type I and SOC 2, Type II certifications. In 2022, we launched our award-winning Appfire Trust Center, offering our customers, partners, and prospects the latest security, privacy, and compliance information, including pre-completed questionnaires (CAIQ, SIG, and VSA) with an accelerated NDA process and just one EULA to cover it all.

Market recognition

Appfire has been consistently recognized for company growth, culture, corporate social responsibility, and product excellence and has been included among the Deloitte Technology Fast 500, Inc. Best Workplaces, BuiltIn Best Places to Work, and Inc. 5000. Learn more about our accomplishments, which would not be possible without our team members, partners, and customers: https://appfire.com/awards.

Read about Appfire's continuous growth and mission to equip and connect every team so they can plan and deliver their best work: https://appfire.com/newsroom/Appfire-Exceeds-200M-in-ARR-Signaling-Growing-Demand